to access 4 Virtual Hosts from a public IP

Jason Edgecombe jason at rampaginggeek.com
Sun Apr 11 09:26:29 CDT 2010


Tapas Mishra wrote:
> On Sat, Apr 10, 2010 at 10:50 PM, Jason Edgecombe
> <jason at rampaginggeek.com> wrote:
>   
>> ok, I'm a little confused. Please confirm that I understand this correctly.
>>
>> You have 6 hosts:
>>     
> Right
>   
>>   two physical machines: A( xenhost dom0) & B (non-xen)
>>     
> Right
>   
>>   four xen domU's: a,b,c,d
>>     
> Right
>   
>> You have two physical networks: Net1 (public internet), and Net2 (private
>> net)
>>     
> Yes 2 networks
>   
>> Xen host A is connected to both Net1 and Net2.
>>     
> Yes on same interface.
>   
>> Host A has a xen bridged
>>     
> Yes now this is the problem whether bridge is running on it or not I am
> not sure although
> brctl show
> gives an output bridge name eth2
> but I am using xen 3.2 and in xen 3.3 and onwards the default name of
> bridge is same as
> the ethernet card.
>
>   
>> network with Net2, so that a, b, c, and d are all bridged to Net2.
>>
>> Host B is Net2.
>>     
>
>   
>> Is this correct?
>>     
> Yes
>
> Ok by the time you replied I had figured out see if it is right.
> Dom0 is acting as a router here
> as this page says
> dom0 from acting as an IP router: echo 0 > /proc/sys/net/ipv4/ip_forward.
> So the way I explained ssh is working from behind.
>
> Now the thing is I want to go to setup IPTABLES and NAT on Dom0 for
> the virtual hosts.
> I am very well aware of IPTABLES but Xen Dom0 is confusing me.
> I want these virtual hosts to be able to connect to internet as I run apt-get
> or commands so I will be creating a squid proxy on Dom0 for
> DomU's to be behind Dom0 is it possible if yes if you can provide me
> some link that may help me a bit.
> Xen network wiki page talks something about ebtables.
> http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html
> Now here I am confused about ebtables and iptables.
>   
You shouldn't need to use ebtables. Iptables should work.

For your situation, you will need "echo 1 > /proc/sys/net/ipv4/ip_forward".
You should be able to set up a bridge, but use the private NIC
instead of the public NIC on dom0, then just follow a NAT tutorial.

Leave the ssh forwarding and apache proxy until last.

Jason
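
The setup described in the reply above (IP forwarding on, domUs bridged to the private NIC, NAT out of the public NIC), as an added example that is not from either poster. The interface names `eth0` (public NIC) and `eth2` (private bridge) and the subnet `192.168.1.0/24` are assumptions; the function only prints a ruleset and changes nothing on the host.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for dom0 as a NAT router.
# Interface names and the subnet at the bottom are constructed sample values.

# Accept only plain interface names (max 15 chars, no rule metacharacters).
valid_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Accept only a dotted-quad IPv4 network with a /0-/32 prefix length.
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    for octet in $(echo "${1%/*}" | tr . ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# dom0_nat_rules PUBLIC_IF PRIVATE_BRIDGE PRIVATE_NET
# FORWARD defaults to DROP; only domU-originated traffic and its replies pass.
# The bridge-to-bridge rule keeps bridged domU traffic working on kernels
# where bridged frames also traverse the iptables FORWARD chain.
dom0_nat_rules() {
    valid_ifname "$1" || { echo "bad public interface: $1" >&2; return 1; }
    valid_ifname "$2" || { echo "bad private bridge: $2" >&2; return 1; }
    [ "$1" != "$2" ] || { echo "public and private must differ" >&2; return 1; }
    valid_cidr "$3" || { echo "bad private network: $3" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $3 -o $1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $2 -o $2 -j ACCEPT
-A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
-A FORWARD -i $1 -o $2 -d $3 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Syntax check as root on dom0: dom0_nat_rules ... | iptables-restore --test
dom0_nat_rules eth0 eth2 192.168.1.0/24
```

Loading this output with `iptables-restore` replaces the existing nat and filter tables, so merge it with any rules already on dom0 first. Forwarding itself is enabled separately with the `echo 1 > /proc/sys/net/ipv4/ip_forward` from the reply.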


